Bharat Express

Major Outage Hits Windows Systems Globally Amid Faulty Security Update: CrowdStrike

On 19 July, a major disruption impacted millions of Windows computers, causing chaos in airlines, banks, hospitals, and stock exchanges.


On 19 July, a major outage affected millions of Windows computers worldwide, disrupting airlines, banks, hospitals, and stock exchanges.

Cybersecurity firm CrowdStrike, which provides third-party security updates for Windows, has since clarified the cause of the incident.

On the morning of 19 July at 9:30 AM IST, CrowdStrike released a sensor configuration update for Windows systems as part of its Falcon platform’s ongoing security measures.

However, the update inadvertently triggered a logic error that led to widespread system crashes and blue screens (BSOD) for users.

CrowdStrike detailed the issue in a technical blog, explaining that the sensor configuration update caused a critical error within the operating systems of affected machines.

The company promptly addressed the problem, with remediation efforts concluding around 10:57 AM IST.

The cybersecurity firm emphasized that the incident was not related to any cyberattack.

Instead, it was a result of a logic flaw in the configuration update itself.

CrowdStrike explained, “The configuration update, intended to counter newly identified malicious named pipes used in cyberattacks, caused an unintended system crash.”

The update affected systems running Falcon sensor for Windows version 7.11 and above.

These systems, which downloaded the problematic configuration between 9:30 AM and 10:57 AM, were particularly vulnerable to the crash.

CrowdStrike said that this type of update process is standard practice and has been in place since the inception of the Falcon platform.

The company has corrected the logic error by revising the content in Channel File 291, and no further changes to this file are anticipated.

The Falcon platform continues to monitor and safeguard against the misuse of named pipes.

CrowdStrike stated, “Systems not affected by this issue will continue to function normally and maintain their protective capabilities.”
